Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 40 million developers.Sign up
This release is mostly a preventative maintenance release to insure that all of the jar files have version numbers associated with them. Many libraries were updated in the process.
This also fixes the problems with sending expressions which contained certain characters. For example, the conversion 9/5 * $ + 32 now works from the plot options menu.
This release upgrades to the latest Struts 2 library (2.5.17) which addresses a potential vulnerability.
It includes some minor code changes and bug fixes.
If you don't want to upgrade your entire code base replace the file:
WebContent/WEB-INF/lib/struts2-core-2.5.13.jar with struts2-core-2.5.17.jar
to install the changes.
This is 8.6.7 to keep in line with internal and specialized releases.
This release is functionally equivalent to the 8.6.x series. The difference here is an upgrade of Struts 2 and a few of the associated support libraries. This version uses Struts 2.5.13 which is the current GA release.
We do not believe that LAS suffers from the XML de-serialization issues that motivated the Struts 2.5.13 release, but we want to keep LAS in step with the Struts library.
This release is functionally the same as 8.6. It removes one library which conflicts with the latest versions of Tomcat. It removes the custom serialization policy which is unnecessary for most installations and it does not copy a logging library to the THREDDS webapp which can lead to conflicts when using the latest THREDDS Data Server release (4.6.8).
This release upgrades the Struts 2 jars to the latest and greatest. It also updates the Struts 2 dependencies and moves to log4j v2.
This is a security patch release and we recommend you move to this release ASAP.
This release further sanitizes the error message returned to include only text supplied by the server and removes any client input from the returned message to remove the potential for cross-site scripting attaches.